<?php
/**
 * Ora - 公用 模块
 * @author lan7
 * @copyright lan7.net
 * @version 2.0
 */

if(!defined('IN_ORA')) {
	exit('Access Denied');
}

class common extends mod{
	/**
	 * 验证码
	 *
	 */
	function verify(){
		session_start();
		import("lib.image");
		if (isset($_REQUEST['adv'])) {
			Image::showAdvVerify();
		} else {
			Image::buildImageVerify();
		}
		exit();
	}

	/**
	 * 会员登录
	 *
	 */
	function login(){
		$this->setTplDir(PUBLIC_PATH);
		$this->setMsgTpl("admin/msg.html");
		if(isset($_POST["submit"])){
			//处理登录操作
			session_start();
			$username = $_POST["username"];
			$passwd  = $_POST["passwd"];
			$verify = $_POST["verify"];
			if($_SESSION["verify"]!=md5($verify)){
				$this->showMsg("验证码不正确!",parse_uri("common-login"),1);
			}
			if($username == ""){
				$this->showMsg("请输入帐号!",parse_uri("common-login"),1);
			}
			if($passwd ==""){
				$this->showMsg("请输入密码!",parse_uri("common-login"),1);
			}
			$rs = $this->chkAdmin($username,$passwd);
			if($rs){
				$_SESSION[$GLOBALS['ora_cfg']['sess_prefix']."admin"] = $rs;
				$this->showMsg("登录成功!",parse_uri("admin-index"),1);
			}else{
				$this->showMsg("帐号密码错误!",parse_uri("common-login"),1);
			}
		}else{
			$this->display("admin/login.html");
		}
	}

	/**
	 * 注销登录
	 *
	 */
	function logout(){
		session_start();
		$this->setTplDir(PUBLIC_PATH);
		$this->setMsgTpl("admin/msg.html");
		unset($_SESSION[$GLOBALS['ora_cfg']['sess_prefix']."admin"]);
		unset($_SESSION["member"]);
		$this->showMsg("注销成功!");
	}

	/**
	 * 检查是否为管理员
	 *
	 * @param unknown_type $username
	 * @param unknown_type $passwd
	 * @return unknown
	 */
	function chkAdmin($username,$passwd){
		$sql = "select * from ".tn("members")." where uname = '$username' and  passwd = '".md5($passwd)."' and isadmin = 1";
		$info = $this->db->getOne($sql);
		if($info){
			return $info;
		}
		return false;
	}
}

?>